Mandiant’s M-Threat 2015 report details how a publicly-available “pentesting” tool, Mimikatz, can be used to steal password hashes and dump plaintext passwords extracted from memory, helping attackers move laterally within your network.
In 2014, 1,000 retail businesses were hit by remote attacks. Ultimately, most retail attacks started with stolen credentials, which enabled attackers to move laterally, harvesting credentials along the way until they reached their final destination.
Smarter Security: Logs & Context-Aware Access Controls Industry News / Featured Article
Encryption and firewalls? Could be useless if an attacker steals administrator credentials and goes undetected in your systems for months.
Many Software as a Service (SaaS) companies think that security is a slowdown, a barrier, a blockage, a limitation; which, from a business perspective, can translate to mean lower profits and usability.
Post-breach, Anthem customers have been warned of subsequent phishing scams. And a large number of those customers include faculty, staff and students from major universities across the country, as Anthem provides health plans and other services for many higher education customers.
Learn about some lesser-known, but just-as-useful ways to use Duo Mobile.
The internet erupted with outrage at Lenovo for their inclusion of Superfish adware on certain consumer laptops. The company's response to customer concerns shows exactly what not to do.
The Weekly Ink is the weekly newsletter brought to you by Duo Labs, with curated links of interest in the security world to help educate and entertain on security happenings and culture.
During our latest Hack Day, one project involved painting Duo’s seal in our new downtown Ann Arbor office - which got us to thinking about what that seal stands for and why it’s important to us.
Since brokerage firms deal with investors that trade public stocks and other financial securities, in addition to offering loans and stock prices and tips, they’re often targeted by hackers seeking to exploit brokerage firm employees that have access to a large clientele of stockbrokers - and large sums of money.
A word from Duo's new Chief Operating Officer (COO), bicoastal Zack Urlocker - our new leader of sales, marketing and customer success.
In step with President Obama’s proposed information security legislation, New York State Attorney General Eric T. Schneiderman has proposed an update to state legislation on consumer data and data breach notification laws.
February's Duo Tech Talk featured Yelp's security team manager, Ivan Leichtling as he explained a security tool they developed in-house for dealing with security alerts. OSXCollector automates the digital forensic evidence collection and analysis that their team had been previously doing manually.
The breach at Anthem may have begun in April, 2014 and may be the work of a Chinese hacking crew. The question for healthcare companies: how to respond.
> The second largest healthcare insurance provider, Indianapolis-based Anthem Inc., recently reported a data breach affecting 80 million customers and employees, the Wall Street Journal stated.
The Fiscal Year 2015 Budget of the U.S. Government (PDF) was recently released by the White House, calling for $14 billion for government cyber efforts, as Reuters reported.
Find out how Duo Security lowers the total cost of ownership (TCO), provides flexible authentication methods, and secures a UK-based software development and consulting company, Softwire.
In December 2014, the European Banking Authority released guidelines on securing online payments across the European Union (EU). One of those security requirements includes the use of ‘strong authentication,’ which the EBA defines as the use of multifactor authentication.